From 26a443be18ec15e972da2aed776c2a918736922a Mon Sep 17 00:00:00 2001
From: elijah <elijah@riseup.net>
Date: Fri, 26 Jul 2013 02:32:38 -0700
Subject: fix cert generation bug: was creating 2024 bit keys instead of 2048
 bit keys by default.

---
 provider_base/provider.json | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'provider_base/provider.json')

diff --git a/provider_base/provider.json b/provider_base/provider.json
index b6a7af21..84ef640e 100644
--- a/provider_base/provider.json
+++ b/provider_base/provider.json
@@ -38,12 +38,12 @@
     "digest": "SHA256",
     "life_span": "10y",
     "server_certificates": {
-      "bit_size": 2024,
+      "bit_size": 2048,
       "digest": "SHA256",
       "life_span": "1y"
     },
     "client_certificates": {
-      "bit_size": 2024,
+      "bit_size": 2048,
       "digest": "SHA256",
       "life_span": "2m",
       "limited_prefix": "LIMITED",
-- 
cgit v1.2.3


From d8b9ab39d333de6494e5006b3ba4abf4b8901bca Mon Sep 17 00:00:00 2001
From: elijah <elijah@riseup.net>
Date: Sat, 21 Sep 2013 16:52:55 -0700
Subject: ensure that contacts.default is an array, and is required (requires
 latest leap_cli).

---
 provider_base/provider.json | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'provider_base/provider.json')

diff --git a/provider_base/provider.json b/provider_base/provider.json
index 84ef640e..5b335e8a 100644
--- a/provider_base/provider.json
+++ b/provider_base/provider.json
@@ -8,8 +8,8 @@
     "en": "REQUIRED"
   },
   "contacts": {
-    "default": "REQUIRED",
-    "english": "= contacts.default.split('@').join(' at the domain ')"
+    "default": ["REQUIRED"],
+    "english": "= contacts.default.map {|email| email.split('@').join(' at the domain ')}.join(', ')"
   },
   "languages": ["en"],
   "default_language": "en",
-- 
cgit v1.2.3


From fefab2386f0fbd9f218dc0b361eb833875c27f56 Mon Sep 17 00:00:00 2001
From: elijah <elijah@riseup.net>
Date: Sun, 29 Dec 2013 22:16:03 -0800
Subject: added support for minimum client version checking

---
 provider_base/provider.json | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

(limited to 'provider_base/provider.json')

diff --git a/provider_base/provider.json b/provider_base/provider.json
index 5b335e8a..8864e24d 100644
--- a/provider_base/provider.json
+++ b/provider_base/provider.json
@@ -50,5 +50,9 @@
       "unlimited_prefix": "UNLIMITED"
     }
   },
-  "hiera_sync_destination": "/etc/leap"
+  "hiera_sync_destination": "/etc/leap",
+  "client_version": {
+    "min": "0.5",
+    "max": null
+  }
 }
-- 
cgit v1.2.3


From 18121335c200b86a39f83a7cd240258c40a81f4e Mon Sep 17 00:00:00 2001
From: elijah <elijah@riseup.net>
Date: Fri, 14 Mar 2014 17:54:01 -0700
Subject: added support for environment specific providers (e.g.
 provider.production.json). requires latest leap_cli.

---
 provider_base/provider.json | 18 +++++++++---------
 1 file changed, 9 insertions(+), 9 deletions(-)

(limited to 'provider_base/provider.json')

diff --git a/provider_base/provider.json b/provider_base/provider.json
index 8864e24d..fa69318b 100644
--- a/provider_base/provider.json
+++ b/provider_base/provider.json
@@ -23,17 +23,17 @@
     ],
     "default_service_level": 1,
     "bandwidth_limit": 102400,
-    "allow_free": "= global.provider.service.levels.select {|l| l['rate'].nil?}.any?",
-    "allow_paid": "= global.provider.service.levels.select {|l| !l['rate'].nil?}.any?",
-    "allow_anonymous": "= global.provider.service.levels.select {|l| l['name'] == 'anonymous'}.any?",
-    "allow_registration": "= global.provider.service.levels.select {|l| l['name'] != 'anonymous'}.any?",
-    "allow_limited_bandwidth": "= global.provider.service.levels.select {|l| l['bandwidth'] == 'limited'}.any?",
-    "allow_unlimited_bandwidth": "= global.provider.service.levels.select {|l| l['bandwidth'].nil?}.any?"
+    "allow_free": "= provider.service.levels.select {|l| l['rate'].nil?}.any?",
+    "allow_paid": "= provider.service.levels.select {|l| !l['rate'].nil?}.any?",
+    "allow_anonymous": "= provider.service.levels.select {|l| l['name'] == 'anonymous'}.any?",
+    "allow_registration": "= provider.service.levels.select {|l| l['name'] != 'anonymous'}.any?",
+    "allow_limited_bandwidth": "= provider.service.levels.select {|l| l['bandwidth'] == 'limited'}.any?",
+    "allow_unlimited_bandwidth": "= provider.service.levels.select {|l| l['bandwidth'].nil?}.any?"
   },
   "ca": {
-    "name": "= global.provider.ca.organization + ' Root CA'",
-    "organization": "= global.provider.name[global.provider.default_language]",
-    "organizational_unit": "= 'https://' + global.provider.domain",
+    "name": "= provider.ca.organization + ' Root CA'",
+    "organization": "= provider.name[provider.default_language]",
+    "organizational_unit": "= 'https://' + provider.domain",
     "bit_size": 4096,
     "digest": "SHA256",
     "life_span": "10y",
-- 
cgit v1.2.3